For those that haven't heard, Optus, an Australian Telco operator, is going through "a bit" of a hack debacle, where personal information from a suspected 10 million people has been exposed. One of the problems is going to be - They have less than 6 million customers, which means that they have lost the collected information from past customers too.
And, there is a lot of information, like passport and driver's license data - with the latter being particularly problematic, as the driver license number can't be changed, unless it has already been used in identity fraud. So, millions who already know they are compromised, can't do anything about it until after the fact - which seems like a "bit of a problem" in cases like this, where there are millions of known people involved.
Wouldn't it make more sense to issue them all with new documents pre-fraud? Not only would it make it easier if there is suddenly a flood of theft, but it gives a chance of actually tracking perpetrators, as they would be using old details.
Governments.
But, this is part of the problem with the world of centralized data security, because eventually, like every other central authority, they all fail.
All of them.
In this case, they are currently saying it is through human error, where an API was opened up for access that shouldn't have been connected to the wider internet and, the data was gone. Humans are fallible, as is code, because it is pretty much only as good as the humans who created it and no matter how secure, other humans are creating code to find weakness. It is all a big game and defenses can only be set up to counter past attacks and try to preempt for the future, but that is always going to be a losing battle, especially when there is money on the table.
And, as we should know by now, there is money in our data, which is why the largest data collecting companies on earth are also the wealthiest. While a criminal might use that data in one way, a data collector will be selling that data to be used in another, and the wider the range of information they have, the wider their potential customer base of potential buyers. This incentivizes them to not only collect more information on us, but also analyze and make sense of the information to better predict and influence our behaviors.
And, while a lot of people say that "if you aren't doing anything wrong, you have nothing to fear", the warning from these kinds of common hacks should be evidence enough that centrally collected data is a problem.
You might be doing nothing wrong, it doesn't mean that "wrong" isn't going to be done to you.
And, it is easy to see when there are nefarious hackers who are going to be using that information to drain bank accounts and order porn online - but the more profound effect of the data is when it is used to manipulate the way we think and act, because rather than targeting individual wallets, it is targeting demand culture, which is what drives supply and of course, generates wealth.
As the entire economy is now "data-driven" in some way, those with access to the best data also have access to the purse strings, affecting behavior to draw the majority of wealth to them, while leaving crumbs for others - just enough to give the sense that there is still hope.
Assuming that all centralized code is eventually going to fail and be exploited, there is essentially no safe haven. But, if instead a lot of this data was transparent, it wouldn't be usable as secure documentation for things like approval. But, look at for example the amount of election fraud that happens, or could happen, where the numbers don't add up or questions can be raised to validity - how is that still a problem in this day and age, where we have networks like Hive that has handled hundreds of millions of votes, and never made a mistake?
What most are trying to do is better protect their data, but that is a losing battle, because all protection will inevitably fail. What is likely the more practical and possible solution is to devalue data by opening it up and making secrecy irrelevant and no longer valuable. This of course doesn't mean nothing is hidden, but if Splinterlands can hide a battle prior to playing, I am sure there are ways to protect information similarly.
However, there is always going to be a push against devaluing data, because that information is used by companies and governments to make money and control us - this is what centralized authorities do by nature, because it is in their best interest to hold, wield and protect their power. Data is the crucial step in the process, where we are constantly "confessing" to the things we do, like good Catholics to a priest. Expecting them not to misuse what they now know, is as naïve as giving out account numbers to someone who asks for them over the phone, or sending crypto to a random person on Discord who promises high returns on an investment.
Resistance is futile.
At last in regards to being protected by a central entity, because there is far too much incentive working for their failure, combined with far too much incompetence at scale. The bigger they are, the more space between joints and the slower they move - kneecapping and hamstringing becomes easier with a larger target. Everyone should realize by now, no matter what the current conditions might say -
Nothing is too big to fail.
Time and time again this has been proven through history, but, time and time again decentralization has been proven effective as a survival mechanism. It is the way of nature itself and is protected because it keeps evolving in numerous ways simultaneously, creating many different alternatives, so that no single point of failure threatens the entire ecosystem.
This is not just in data protection either, it is also in the economic structures, where through globalization, we have become more intertwined and reliant on each other as a coordinated whole. But, due to the size and difficulty in management, all of the alignment that generates massive profits for some, is also a structural weakness when things go wrong. Because, the incentive is still there for part entities to maximize, but they can do so in a way that influences the entire system. It is like parts of the body choosing to maximize their desired behavior, without coordinating with other parts. Ultimately, all parts are going to suffer catastrophic failure, so no parts can function at all.
But, decentralize the economy into separate, but interactive parts where there is incentive to find balance and no one entity can control too much, and then failure of multiple points can cause disruption, but not be cataclysmic to the system. Failure can be absorbed by other pieces and can even result in their increased antifragility. But, if any individual entity starts to get too powerful, the checks and balances will ensure that they will be trimmed before the problem gets too large.
This can happen as long as there is enough distribution of not only the markers of wealth, but the processes of wealth creation. This is one of the largest problems in the current economy as essentially, markers of wealth can be used to buy into the mechanisms of wealth creation and there is no limiting factor on how much. As this keeps happening, more of the wealth markers are held in fewer hands, and those fewer hands own a greater percentage of the mechanisms to generate an unassailable gap, until failure.
It should be remembered that centralized economies are designed to fail, because of the way they are designed to continuously monopolize wealth. Eventually, one way or another, the Roman empire will fall due its own success - but Rome the city continues on functioning. Decentralization of activity is like building cities, not states. So, while the states can come and go, the cities can keep functioning as they always have, in service to the inhabitants that live there.
These hacks are going to keep happening and they are going to get larger and larger until at some point, the failure is so large, that it devalues the data stolen, making it worthless. But, if that is the path we are going to keep walking, between now and then, it is going to be very, very painful.
Taraz
[ Gen1: Hive ]
Posted Using LeoFinance Beta
Ausgov issues the ID documents and refuses to change them.
Ausgov requires Telcos to sight and store the data for at least 7 years
Ausgov requires that data be readily available to any of dozens of agencies, on demand.
Optus loses control of that data.
Ausgov wants more power to regulate.
If a Telco were permitted to sell services over the counter, no ID requirements, just a straight transaction. $100 cash for 12 months of mobile service. "Here's the SIM and the number, have a nice day"; they would. There'd be customers lined up around the block.
Imagine if the government told insurance companies that in order to operate, they needed to keep sufficient physical gold on hand to cover total liabilities. Also, that any public servant should be able to enter an office in the CBD and inspect that pile of gold, without any notice or wait time.
Ausgov doesn't care that 9 million people have been compromised. It only cares that capitalism gets blamed.
That's how it was when I arrived in Korea back in the late 90's. You could buy a phone almost anywhere, or someone leaving country sell you their used phone. Then all you had to do was buy a minutes card from any store.
Doesn't matter now. You might be on the run from domestic abuse. Can't have a service without providing a Telco with your full name, email, home address etc.
These are interesting points - aren't they? The excuses will be "drug dealers will take advantage"
Same as "crypto is only used by criminals".
And banks had to do the same in order to lend.
It's such an obvious pattern, when you start watching out for it.
The government requires businesses act dangerously; then waits for an opportunity to call them reckless.
I do not know much about the election process in Australia, such as do people vote via internet or not. Are there proposed changes to allow for electronic voting? I know they keep talking about it in America. 10 million votes can make a big difference in an election outcome.
They aren't talking about it in Australia as far as I know. In Finland, the conversation keeps getting shelved because they say "people aren't technically advanced enough" - yet, 100% of people online bank.
I don't like catastrophic failures but that's usually what ends up forcing people to adapt.
One day, we will be smart enough to adapt before change happens :D
Some already are.
I think one of the worst things about this is the fact that it is so common that businesses don't even care anymore. If you get enough people, you might be able to file some kind of class action, but for the most part the businesses don't even give you any kind of compensation anymore. They offer you free credit monitoring and identity theft protection, but honestly by that point it is a lost cause.
Posted Using LeoFinance Beta
People don't seem to care anymore. They just see it as another inconvenience that nothing can be done about.
And this is precisely what they have done.
Yeah, that is a good point. I don't get nearly as surprised as I used to when I get an alert that some company might have leaked my private data. I have a feeling most of my stuff is out there already. If I was worth targeting, they would have done it long ago!
Posted Using LeoFinance Beta
It becomes complacency, doesn't it? Remember that often, those who might be using this data for gain, aren't necessarily the richest in the world - so you are wealthy :)
Yeah, good point. I do a pretty good job of watching my score and stuff like that. Probably not as close as I should.
Posted Using LeoFinance Beta
I am not sure how the credit scoring works in Finland - I have never seen it.
This reminded me of Facebook data scandal. Till blockchain technology or till Hive-like platforms, they had exploited our data while we were satisfying our ego on those social medias.
Yeah, and they will keep exploiting and fucking up with the data, as long as we don't build alternatives to compete.
You are absolutely right, Sir. Behind it all, it all aims at accumulating wealth. Money is always on the table. Who wouldn't be tempted?
Controlled behavior is very painful. Everyone is directed and forced to spend money on them. It would enslave humanity on a global scale for the economic interests of a few majority holders of wealth.
Decentralization also becomes vulnerable due to leakage after leakage occurs, if you don't think of the best solution as a preventive measure to deal with it. "Thieves are always one step ahead of the police." !LOL
We will stay safe as long as we are not connected to the internet. But, who can survive being disconnected?
It isn't just the temptation - it is the application. The more society falls apart, the more applied it becomes.
The thing with decentralization like crypto is, it is possible to monetize and demonetize through usage alone - this means people can actually "vote with their digital feet"
I wanted to ask you something else unrelated but I didn't want to post it on your other post - there are a lot of reports coming out that Finland is seeing a huge influx of people fleeing Russia after the draft started, have you witnessed this or is it mostly just the media being full of shit?
It has gone up supposedly. From a day or two ago:
https://yle.fi/news/3-12637848
The challenge is an interesting one - because if they are fleeing Russia because they don't want to fight, it likely means they don't support the war in Ukraine and not letting them flee means they will be forced to fight - isn't that counter productive?
I was thinking the same thing - the worse kind of soldier is a soldier that is signed up involuntarily because you're shooting yourself in the foot if that person isn't doing it for the right reasons, so it can become a double edged sword and could even lead to sabotage...very weird situation and I'm not really keen to see how it's going to pan out.
You guys please stay safe there.
There is not much we can do in terms of staying safe -but overall, no one seems to spend too much time worrying about it considering the proximity.
It boggles my mind how people have almost become conditioned to be lackadaisical about it, it's actually weird. I can remember mentioning two years ago that I could see war breaking out in the next few years and everyone thought I was a loon. Well, yet again it seems my intuition was correct.
I know that there's not much that you can do other than prepare - that's all that we can do really. At least we aren't part of the group that are in denial about it, it's going to be more difficult for them when they finally realise what's going on.
Look after yourself and your family Taraz, I know it's a tough situation all round and you're doing the best you can.
I think this is more of a global problem, not located in one or other country. In the last year, twice the data was leaked from the companies I use (UK here). And they just apologized and kept going forward.
Yes it is global for sure - "supposedly" they are saying the hack came from Europe - but, who the hell knows for sure these days? In my unprofessional opinion, using IP location to track is a bit useless in this day and age.
At least you got a sorry! :D
Unless you got enough land to make a self sustaining farm with animals, garden, solar panels and windmill to get your own electricity, and add some Tesla internet, running away from the society, there is no escape.
Exactly. How many people can actually do this? Close to zero.
The hacks keep happening and I don't think that will change. At this point, I think it's just part of the common things that happen. I am pretty sure our information is being sold everyone across the internet because a lot of people use the internet now
Posted Using LeoFinance Beta
In my country, Nigeria, internet fraud has become a lifestyle as it presents as a get-rich-quick scheme. Lots of people, countless and still counting have watched their money 'disappear'from their accounts to untraceable location with the sad part being that there's next to nothing they can do about it because where I come from, almost nothing works.
If things would get worse as you have rightly predicted due to the faults in a centralized data system, then, I wouldn't know what to say.